No February Meeting
We are not going to have a February meeting. Stay home, stay warm, and enjoy Valentines Day. We will see you in March for the badge hacking night (details below):
Let’s hack some DEF CON XX badges!
DC612 is holding a badge hacking workshop! Wanna have fun and setup a commodore 64 emulator on your Defcon XX badge! Now is the time! DEF CON donated 30 extra badges (CDs and Programs too!). Their only request was that we post (Blog, Social Media, Office Xerox, etc) about your project or board when we complete it.
We are asking $5-$10, but you can always add more, as the donation goes directly to the Hack Factory. Each ticket comes with a badge. You will need to pay cash for the badge when you arrive, as we get chraged $1 for each ticket we sell via eventbrite. We’ve also setup individual badge tickets. So say you wanted a Human badge- design #1, well you can use that as your ticket and we will make sure you get that badge.
These were donated by DEF CON for us to play with. To order more and check out the designs, visit: http://hackerstickers.com/product/hardware-dc20-humanbadge/
– DC612
DC612 Day: March 9th 2013
This event is a one day hands-on learning conference that unlike traditional conferences, this event is geared towards hands-on learning. The topics selected are based in input from the community via survey that was completed last fall. Below is the schedule for the day. A buffet style lunch will be provided during the lunch break.
Schedule:
8:30am-9am – Get in, get settled (pastries and coffee available)
9am-12pm – Hands on Penetration Testing 101 by Scott Sutherland & Karl Fosaaen
12pm-1pm – Lunch (provided by Elsie’s)
1pm-3pm – Web Application Security: OWASP Top 10 by Brian Johnson
3pm-3:15pm – Break
3:15pm-5pm – Challenge Walk-through by Spenser Reinhardt
Beverages will be available all day. Soda is included with admission, beer/liquor is not.
Registration: http://dc612day.eventbrite.com/
Session Details:
Title: Hands on Penetration Testing 101 by Scott Sutherland & Karl Fosaaen
Abstract: The goal of this training is to introduce attendees to standard penetration test methodologies, tools, and techniques. Hands on labs will cover the basics of asset discovery, vulnerability enumeration, system penetration, privilege escalation, and bypassing end point protection. During the labs, common vulnerabilities will be leveraged to illustrate attack techniques, using freely available tools such as Nmap and Metasploit. This training will be valuable to anyone interested in gaining a better understanding of penetration testing or to system administrators trying to understand common attack approaches.
Requirements: All attendees interested in participating in the labs will need to bring their own laptop. A copy of BackTrack will be provided to all attendees on a USB flash drive that they can keep. Laptops should have a wired Ethernet port in order to participate in labs.
Title: Web Application Security: OWASP Top 10 by Brian Johnson
Abstract: In this session we will learn how to find, demonstrate how to exploit and discuss how to prevent the OWASP Top 10 Security Issues. We will also discuss how these issues are exploited in the real world. Students will have the opportunity to have hands on experience testing for and exploiting these issues.
Requirements: All attendees interested in participating in the labs will need to bring their own laptop. Laptops should have a wired Ethernet port in order to participate in labs.
Title: Challenge Walk-through by Spenser Reinhardt
Abstract: Capture the flag challenges, are no easy task and can require vast and intimate knowledge of many different aspects of computer systems. This session will guide participants through a variety of challenges, ranging from application exploitation, forensic image recovery, cryptography, and binary reverse engineering. Each task will be challenging and presents something new to learn. By the end, you should have a basic idea of how capture the flag events work, what to expect and an understanding of how to complete a variety of challenge types.
Requirements: All attendees interested in participating in the labs will need to bring their own laptop. Laptops should have a wired Ethernet port in order to participate in labs.
January 10th Meeting 6pm @ The Hack Factory
This month we are going to be messing around with the Raspberry Pi devices. There will be informal demos so if you have one, bring it and share what you have done with it. Have another device/project you have been working on, bring it in and tell us about it.
As always, The Hack Factory doesn’t have a bar, so bring your own food & beer and remember, there are no maids on the Hack Factory payroll, so you need to clean up after yourself.
Agenda:
6PM-??? – Raspberry Pi Demos/Other projects
See you Thursday!
-DC612
Hack Factory is located in the Seward neighborhood.
Save the date – DC612 Day – March 9th 2013
Thank you to all who responded to our survey! It appears that there is sufficient interest for a one day hands-on event. We are planning on holding the event on March 9th, 2013. Based on the survey results, we are going to cover challenge walk-through, vulnerability scanning, and exploitation during this one day hands-on learning event. More details and registration will be available in the upcoming weeks. Below are the results of two of the questions asked on the survey:
Dec 13th Meeting 6pm @ Elsies
This month we will have Jay Jacobs presenting on the following (as written by Jay himself):
I’d like to geek out on data analysis and data visualization, primarily around data I’ve collected myself or gotten through my work on the Verizon RISK team. I’ll cover some basic guidelines when communicating with data as well as some common pitfalls and solutions. I’ll cover some tools out there folks can use and if the demo gods smile, maybe even run through some live data.
Jay Jacobs is a cryptonerd turned data geek. He is a principal on the Verizon RISK Team where he plays with data for the Data Breach Investigation Report and other research efforts. Jay also serves on the board of the Society of Information Risk Analysts and is currently studying applied statistics at Penn State.
Agenda:
6:00PM-6:30PM – Get in, get drinks and food ordered
6:30PM-???? – Jay Jacobs
Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413